<?php
////////////////////////////////////////////////////
//	LinBoard
//	Framework/Login.php
//	Created: 22th February 2009; 01:03 UTC
//	LinBoard (c) Copyright OpenInferno 2008, 2009
////////////////////////////////////////////////////

//Setup Environment
error_reporting(E_ALL | E_STRICT);

//Direct Access Check
if(!defined("LINBOARD"))
{
	die("<h1>Access Error</h1>Direct Access to this script is forbidden.");
}

class Login
{
	public function loginUser($username, $password, $rememberme = false)
	{
		Framework::Mysql()->requireConnection();
		
		//Clean Data
		$dirtyusername = $username;
		$username = Framework::Misc()->cleanUsername($username);
		
		//Grab User Details
		$result = Framework::Mysql()->query("SELECT `cleanusername`, `password`, `salt` FROM `".Framework::Config()->Mysql['prefix']."users` WHERE `cleanusername` = '{$username}' LIMIT 1;");
		$result = Framework::Mysql()->fetchArray($result);
		
		$dbusername = $result['cleanusername'];
		$dbpassword = $result['password'];
		$dbsalt = $result['salt'];
		
		$password = $this->encryptPassword($dbsalt, $password);
		//die("DB Salt: {$dbsalt}<br />DB Username: {$dbusername}<br />DB Password: {$dbpassword}<br />Inputed Password: {$password}");
		
		//Check User Details
		if($dbusername != $username)
		{
			//Naughty Naughty! No Cookies for you.
			return false;
		}
		
		if($dbpassword != $password)
		{
			//Naughty Naughty! No Cookies for you.
			return false;
		}
		
		//Log user in
		if($rememberme == false)
		{
			setcookie("username", $dirtyusername, 0, "/");
			setcookie("passhash", $this->encryptSessionHash($username, $password), 0, "/");
		} else {
			//Yum! Yum! Cookies for 30 days!
			setcookie("username", $dirtyusername, 0, "/");
			setcookie("passhash", $this->encryptSessionHash($username, $password), time()+60*60*24*30, "/");
		}
		
		return true;
	}
	
	public function checkCookie()
	{
		if(!isset($_COOKIE['username']) || !isset($_COOKIE['passhash']))
		{
			return false;
		}
		
		$username = Framework::Misc()->cleanUsername($_COOKIE['username']);
		$passhash = $_COOKIE['passhash'];
		
		$dbusername = Framework::User()->getUserDetails();
		$dbusername = $dbusername['cleanusername'];
		$dbpassword = Framework::User()->getUserDetails();
		$dbpassword = $dbpassword['password'];
		
		$dbpasshash = $this->encryptSessionHash($dbusername, $dbpassword);
		
		if($username != $dbusername || $passhash != $dbpasshash)
		{
			return false;
		} else {
			return true;
		}
	}
	
	public function isLoggedin()
	{
		static $loggedin;
		if($loggedin != (true || false))
		{
			$loggedin = $this->checkCookie();
		}
		return $loggedin;
	}
	
	public function requireLogin()
	{
		if($this->checkCookie())
		{
			//Allow user onto page
		} else {
			header("Location: ".Framework::Config()->Main['weburl']."/login.php");
			die();
		}
	}
	
	public function logoutUser()
	{
		setcookie("username", "", time()-3600, "/");
		setcookie("passhash", "", time()-3600, "/");
	}
	
	public function encryptPassword($salt, $password)
	{
		return hash("whirlpool", "{$salt}{$password}");
	}
	
	public function encryptSessionHash($username, $password)
	{
		return hash("whirlpool", md5($username.$password.(strlen($password)*strlen($username))));
	}
	
	public static function getInstance()
	{
		static $instance;
		if(!isset($instance))
		{
			$class = __CLASS__;
			$instance = new $class;
		}
		return $instance;
	}
	
}

?>